=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2011/VULN057
_____________________________________________________________________

DATE                      : 26/01/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Novell GroupWise 8, Novell GroupWise 8 Internet Agent.

======================================================================
http://www.novell.com/support/viewContent.do?externalId=7007638
______________________________________________________________________

Security Vulnerability - GroupWise 8 Internet Agent TZID (VCALENDAR) Variable Parsing

This document (7007638) is provided subject to the disclaimer at the end of
this document.

Environment

Novell GroupWise 8
Novell GroupWise 8 Internet Agent

Previous versions (such as GroupWise 7.x) of GroupWise are likely also
vulnerable but are no longer supported. Customers on earlier versions
of GroupWise should, at a minimum, upgrade their GWIAs and associated
Domains to version 8.02HP2 in order to secure their system.


Situation
The GroupWise Internet Agent (GWIA) has a vulnerability in the way that
it parses the TZID variable within a received VCALENDAR message, which
could potentially allow an unauthenticated remote attacker to execute
arbitrary code on vulnerable installations of GWIA.

This vulnerability was discovered and reported by Anonymous working with
TippingPoint's Zero Day Initiative (http://www.zerodayinitiative.com), ZDI-CAN-967

Novell bug 657818, CVE-2010-4325


Resolution

To resolve this security issue, update GWIA to version 8.02 Hot Patch 2 (or later).


Bug Number
657818
Document
Document ID:	7007638
Creation Date:	01-21-2011
Modified Date:	01-25-2011
Novell Product:	GroupWise


Disclaimer

The Origin of this information may be internal or external to Novell.
Novell makes all reasonable efforts to verify this information. However,
the information provided in this document is for your information only.
Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their
respective owners. Consult your product manuals for complete trademark
information.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================